Using model-based test workflows for security-related software development

Source: Internet
Author: User
Tags execution reference iec 62304

Security-related software challenges

Embedded software has gradually become the core of today's innovative products. It is the component that defines a product's function and controls its electrical and mechanical systems, in products that are essential to daily life. In aircraft, automobiles, trains or medical equipment, for example, a failure can lead to personal casualties. Caution is therefore essential, and additional effort is needed to ensure that the system operates safely, that users are safe and that costly product recalls are avoided.

For highly secure code, enterprises must follow stringent development standards and guidelines, such as DO-178C and DO-178B for commercial avionics, ISO 26262 for automobiles, IEC 62304 for medical devices, and IEC 61508 for general functional safety requirements. Companies are responsible for providing evidence that they follow good development processes, such as traceability from requirements to implementation and adequate testing, and that their tools do not introduce errors into the product. Additional time must be taken and additional tests performed to confirm that the software meets the security requirements, all of which can significantly increase development time and cost.

Automated testing using model-based testing

With model-based testing, you can capture test cases graphically. This makes test cases more understandable and expressive and simplifies communication across the development team. Test cases can be traced to requirements, so the impact of a change in requirements is easy to understand. The IBM Rational Rhapsody TestConductor Add On adds model-based test functionality, based on the UML test profile, to Rational Rhapsody Developer, Rational Rhapsody Designer for Systems Engineers or Rational Rhapsody Architect for Software. The test profile adds the concepts of test architecture and test behavior to UML to tailor the development environment to testing. The test architecture extends the existing UML 2.0 architectural concepts to describe the test elements and their relationships. Similarly, test behavior extends the existing UML 2.0 behavioral concepts to include all observations and activities in the testing process.

The Rhapsody TestConductor Add On automatically creates a test schema for the system under test. Users can create test cases graphically using UML sequence diagrams, statechart diagrams, or flowcharts. The graphical representation makes tests easier to communicate and helps in understanding the behavior of the design. Users can execute tests and view the results, which automates unit testing and regression testing. By testing early, in the design model phase of the development process, QA managers and software engineers can efficiently validate the design against its requirements and identify problems as early as possible.

The advantages of model-based testing in security-related development

Security-related software must have complete traceability from requirements to software architecture to code. In addition, you must be able to trace the test cases that demonstrate correctness from the requirements to the developed software. Representing test elements such as test architectures and test cases as model-level concepts allows direct bidirectional traceability at the model level. This supports automated analysis of requirements coverage and structural coverage for the model and the code. In addition, if you use UML sequence diagrams, state machines, and other notations to specify test cases graphically, validation is easier and more effective than with traditional code-centric test cases.

Model-based approaches allow design artifacts and test artifacts to be developed within a unified framework. This improves the agility of the development and test process, and is more efficient and lower in cost than a process with independent development and testing phases. The IBM Rational Rhapsody TestConductor Add On automates many test activities, including creating test architectures and executing test cases. As a result, testers can focus on the correctness and completeness of their test cases without spending time on tedious, error-prone tasks, such as creating test devices. Compared with traditional test scripting languages, model-driven test architectures and test cases are graphical and clearly documented, which makes them easier to maintain.

Overview of reference workflows with model-based testing

The Rational Rhapsody reference workflow describes a model-based development approach that includes automated code generation and model-based testing for security-related software development. Figure 1 shows the main activities in the reference workflow. The top half of the workflow describes the activities for designing and implementing security-related software. The lower half describes the activities for verifying the software.

This approach addresses design and implementation together, and also provides for proper testing and verification. Textual requirements guide the development of formal UML/SysML models, which are then converted to code by code generation. Each step is accompanied by appropriate guidelines and checks.

The refinement steps from textual requirements to a design model that can be used for code generation are validated by model-level tests based on the system requirements. These tests are run as model simulations using IBM Rational Rhapsody animation, and are also called model-in-the-loop (MiL) tests. The generated code can be validated on the host computer by executing the same test cases as in the MiL process, but without the Rational Rhapsody animation. These tests are also called software-in-the-loop (SiL) tests. The MiL and SiL test results are compared by automatic equivalence checks (contrast tests) to verify the results. In addition, a set of tests can be performed on the target processor to supplement this validation; these are referred to as processor-in-the-loop (PiL) tests. Test execution on the model and on the code provides structural coverage metrics, which are used to evaluate the completeness of the tests and to avoid unnecessary functionality. Requirements coverage is measured during the execution of test cases.

Figure 1. IBM Rational Rhapsody Reference Workflow Activities

The first activity in the workflow is to transform the given requirements into an executable model, using the appropriate modeling guidelines. Model-based tests are then added to ensure that the model correctly captures the requirements. Coverage measurements (requirements coverage and model coverage) indicate how complete the model-based test suite is. Code generation is used to produce the implementation from the model. Contrast testing, or equivalence testing, between the model and the code is a key element of code validation: running the same tests at both levels verifies that the model and the code exhibit the same behavior. Code coverage metrics are used to check the completeness of the test suite against predefined code coverage criteria.
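The contrast (equivalence) test and the coverage measurements described above, as an added Python example that is not IBM Rational Rhapsody or TestConductor code or output. It assumes a transition table standing in for the model, a hand-written function standing in for the generated code, and constructed requirement IDs and test cases.

```python
# Added illustration; MODEL, sil_step, the REQ-* IDs and the tests are constructed.
# MiL level: the statechart as a transition table {(state, event): next_state}.
MODEL = {
    ("Idle", "start"): "Running",
    ("Running", "fault"): "SafeStop",
    ("Running", "stop"): "Idle",
    ("SafeStop", "reset"): "Idle",
}

def mil_step(state, event):
    # Events with no matching transition leave the state unchanged.
    return MODEL.get((state, event), state)

def sil_step(state, event):
    # Stand-in for generated code (SiL); hand-written, independent of MODEL.
    if state == "Idle":
        return "Running" if event == "start" else state
    if state == "Running":
        return {"fault": "SafeStop", "stop": "Idle"}.get(event, state)
    return "Idle" if (state, event) == ("SafeStop", "reset") else state

# Test cases: name -> (requirement IDs the test traces to, event sequence).
TESTS = {
    "tc_start_stop": (["REQ-1", "REQ-2"], ["start", "stop"]),
    "tc_fault": (["REQ-3"], ["start", "fault", "start"]),
}
REQUIREMENTS = ["REQ-1", "REQ-2", "REQ-3", "REQ-4"]  # REQ-4: reset from SafeStop

def run(step, events, state="Idle"):
    trace = [state]
    for ev in events:
        trace.append(step(trace[-1], ev))
    return trace

def back_to_back(tests=TESTS, sil=sil_step):
    """Run each test at both levels; a requirement counts as covered only
    when a test traced to it produced identical MiL and SiL traces."""
    mismatches, covered, taken = [], set(), set()
    for name, (reqs, events) in tests.items():
        mil_trace, sil_trace = run(mil_step, events), run(sil, events)
        if mil_trace == sil_trace:
            covered.update(reqs)
        else:
            mismatches.append(name)
        taken.update(k for k in zip(mil_trace, events) if k in MODEL)
    return {
        "mismatches": mismatches,
        "uncovered_requirements": sorted(set(REQUIREMENTS) - covered),
        "untaken_transitions": sorted(set(MODEL) - taken),
    }
```

With the sample suite the two levels agree, and the report shows that REQ-4 and the `SafeStop` reset transition still need a test case.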
